firefox: thunderbird: Same-origin policy bypass in the Request Handling component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Same-origin policy bypass in the Request Handling component...

Important: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerabili...

Important: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

firefox: thunderbird: Same-origin policy bypass in the Request Handling component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Same-origin policy bypass in the Request Handling component...

Important: thunderbird

Issue Overview: Race condition in the Graphics component. This vulnerability affects Firefox 145, Firefox ESR 140.5, and Firefox ESR 115.30. CVE-2025-13012 Mitigation bypass in the DOM: Core & HTML component. This vulnerability affects Firefox 145, Firefox ESR 140.5, and Firefox ESR 115.30...

RHEL 9 : thunderbird (RHSA-2026:0003)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:0003 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: Memory safety bugs fixed in Firefox ESR 140.6,...

RHEL 8 : firefox (RHSA-2026:0005)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:0005 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...

RHEL 8 : firefox (RHSA-2026:0006)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:0006 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...

RHEL 10 : thunderbird (RHSA-2026:0025)

The remote Redhat Enterprise Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:0025 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: Memory safety bugs fixed in Firefox ESR 140.6,...

RHEL 8 : firefox (RHSA-2026:0014)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:0014 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...

RHEL 8 : thunderbird (RHSA-2026:0022)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:0022 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: Memory safety bugs fixed in Firefox ESR 140.6,...

RHEL 9 : firefox (RHSA-2026:0016)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:0016 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...

ALSA-2026:0025 Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: Memory safety bugs fixed in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146 CVE-2025-14333 firefox: Use-after-free in the WebRTC: Signaling component CVE-2025-14321 firefox: JIT...

RHEL 7 : firefox (RHSA-2026:0007)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:0007 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...

RockyLinux 10 : thunderbird (RLSA-2026:0025)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:0025 advisory. firefox: Memory safety bugs fixed in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146 CVE-2025-14333 firefox: Use-after-free in...

RHEL 9 : firefox (RHSA-2026:0013)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:0013 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...

RHEL 8 : thunderbird (RHSA-2026:0026)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:0026 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: Memory safety bugs fixed in Firefox ESR 140.6,...

RHEL 9 : firefox (RHSA-2026:0017)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:0017 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...

Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: Memory safety bugs fixed in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146 CVE-2025-14333 firefox: Use-after-free in the WebRTC: Signaling component CVE-2025-14321 firefox: JIT...

CVE-2025-65922

PLANKA 2.0.0 lacks X-Frame-Options and CSP frame-ancestors headers, allowing the application to be embedded within malicious iframes. While this does not lead to unintended modification of projects or tasks, it exposes users to Phishing attacks. Attackers can frame the legitimate Planka applicati...